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Amendments to the Specification 



Please replace the paragraph at page 9, Urfes 9-11 with the following replacement 
paragraph : 

(1 ) external networks including a public switched telephone network (PSTN) 

W0i60, an signaling system 7 (SS7) network 170, an Internet 180, and/or a 
wireless network 144: 




Please i:eplace the paragraph at page 13, lines 3-25 with the following replacement 
paragraph: 

In exemplary embodiments, the dynamic host control protocol server Hi and 
domain name service server 214 may operate to dynamically assign IP addresses devices 
in the customer premise equipment 102. Where a dynamic IP assignment scheme is used, 
the customer premises equipment may be provided with one or a plurality of dynamic IP 
assignment when activated initially, and/or at the initiation of each active secession. 
Where an IP address is assigned when the device is initially activated, it may be desirable 
to assign a single IP address to a single broadband residential gateway and assign a port 
address to devices connected to the broadband residential gateway 300. In other 
embodiments, an individual IP address may be assigned to each device coupled to the 
broadband residential gateway 300. For example, the broadband residential gateway may 
include and/or be coupled to one or more cable modems, IP phones, plain old telephone 
system phones, computers, wireless devices, CATV converters, video phones, and/or 
other devices which each may be assigned a unique static and/or dynamic IP address 
and/or a port of a one of these IP addresses. The particular protocol for allocating IP 
addresses and/or ports may be specified using protocols defined in the dynamic host 
control protocol server 214. In exemplary embodiments, the dynamic host control 
protocol server 1 3 1 and DN server 214 may be configured to assign available IP 
addresses fi-om address pools based, for example, on the identity or type of requesting 
device, the amount of use expected for the requesting device, and/or predefined 
assignment protocols defined in the dynamic host control protocol server 1 3 1 and DN 
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server 214. In centralized embodiments, it may be desirable to configure the call 
manager (CM) 218 to provide sufficient information such that the domain name service 
server 214 can distinguish betvi^een static IP devices, dynamic IP devices, registered 
I y devices, unregistered devices, and registered devices that have been assigned to a 

particular class of service e.g., data vs. telephony, un-provisioned, vs. provisioned, etc. 

y"^^^ Please replace the paragraph at page 13, lines 26 - 30 with the following I 
Ljeplacement paragraph: 

The trivial file transfer protocol (TFTP) server VA 132 may be configured to 
transfer certain information to/fi^om one or more broadband residential gateways 300. In 
exemplary embodiments, the trivial file transfer protocol server 132 provides Data Over 
Cable Service Interface Specifications (DOCSIS) configuration information containing 
QoS parameters and other information required for the broadband residential gateway 
300 to operate optimally. 

Please replace^e paragraph at page 26, line 26 - page 28, line 10 with the 
following replacement paragraph: 



Where the elements of the broadband residential gateway 300 are interconnected, 
the interconnection may be provided by one or more data buses, for example, a high 
speed bus (HSB) 360, processor bus 380, and/or other interconnection system. The high 
speed bus 360 , 380 may be configured to provide a flexible conduit for transferring 
information between the internal hardware, processors and ports. In exemplary 
embodiments of the broadband residential gateway 300, the high speed bus 360 may 
include one or more of the following fiinctional units a) a universal remote control 
receiver module 365 for receiving wireless (e.g., infi'ared, and/or RF) signals (e.g., 
keyboard signals and/or remote control signals) for control of the broadband residential 
gateway 300 and/or any connected devices, b) a display, display driver, touch screen 
logic module for driving one or more local and/or remote displays for interfacing with the 
broadband residential gateway 300 and/or one or more connected devices, c) one or more 
TV port modules 336 for interconnecting televisions, set-top devices, and/or other 
audiovisual devices to the broadband residential gateway 300, d) one or more data port 
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modules 334 for connecting/interconnecting data enabled devices (e.g., personal 
computers, palm top devices, etc.), e) one or more telephony port modules 332 for 
interconnecting one or more analog and/or digital telephones, f) one or more peripheral 
port modules 342 for interconnecting one or more peripheral devices such as disk drives, 
data storage devices, video cassette recorders, DVD devices, audio devices, video devices 
(e.g., camcorders, digital cameras, digital video recorders, stereos, etc.), g) one or more 
external/internal intercom modules 344 for interconnecting remote intercom and/or 
security monitoring devices, h) one or more wireless interface modules 345 for 
interconnecting with various wireless extension devices such as wireless TVs, cordless 
and/or wireless telephones, wireless LANs, etc., i) one or more voice recognition/voice 
synthesis modules 355 for generating voice announcements, voice messages, and voice 
prompts and for recognizing voice generated commands and data, j) set-top box module 
350 for performing the functions associated with a set-top box locally and/or for 
communicating with one or more remotely coupled set-top boxes, k) memory 322 (e.g., 
DRAM, RAM, flash, and/or other memory) for storing information and operating data 
within the broadband residential gateway 300, 1) transceiver 302 for communicating with 
one or more external broadband networks m) operating program store 330 (e.g., ROM, 
flash, etc.) for storing at least portions of the operating programs for the broadband 
residential gateway 300 and/or interconnected devices, n) security processor, smart card 
and/or credit card interface module 340 for providing secure processing functions and/or 
credit card/smart card transaction functions, and/or o) distributed processing controller 
306 which may be a microprocessor and/or one or more interconnected distributed 
processing modules for controlling the broadband residential gateway 300. Where the 
distributed processing controller 306 includes one or more distributed processing 
modules, the modules may include a telephony processing module (PI) 308, data 
processing module (P23-) 310, video processing module (P3) 312, auxiliary processing 
module (P4) 314, IP processing module (P5) 316, and/or an operations administration 
maintenance and provisioning processing module (P6) 318 interconnected through one 
or more busses such as processor bus 380. The processor bus 380 and/or high speed bus 
360 may include any suitable interconnect bus including intelligent bus configurations 
incorporating smart buffer logic (not shown in Fig. 3) to facilitate data transfer between 
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3 



interconnected processors and/or modules. The various modules and/or processing 
components of the broadband residential gateway 300 may be powered by , for example, 
a power supply unit (not shown). Each of the individual modules of the broadband 
residential gateway will now be described in more detail. 



Please replace the paragraph at page 35, line 13 - page 36, line 2 with the 
following rep lacement paragraph: 

In the embodiment shown in Fig. 4, the high speed network 120n includes the 
ultra high-speed routers (UHR) 121 configured in a ring configuration. Although this 
embodiment shows the use of the IP network database (IND) 122, other configurations 
are also suitable. Where an IP network database 122 is utilized, it may be desirable to 
incorporate one or more data sets such as: a IP local number portability database (IP 
LNP) 122a which may be utilized for transferring local DN among service providers 
when a user changes their service provider; an IP caller name database (IP CNAME) 
122b which may be utilized to provide a database of names relating to IP addresses 
and/or domain names; an IP line information database (IP LIDB) 122c which may 
provide alternative billing and allow flexibility in determining who pays for a call; and an 
IP 1-800 Database (IP 8YY) 432d which may provide a database of 1-800 numbers 
relating to the IP network 120a. Altematively, the IP local number portability database 
may be located at another location, such as at an IP central station (IP Central) 200. 
Where desired, a local service management system (LSMS) 1 50 may be arranged to 
provide management of the IP local number portability database. Where a local service 
management system 150 is utilized, a plurality of local service order administration 
(LSOA) units 1 52 may be coupled to the local service management system by, for 
example, a number portability administration center (NP AC) 151. In this manner, 
directory numbers may be transported among different service providers. In such a case, 
aNPAC 151 is generally coupled to the LSMS 150 and uses the LSMS 150 to 
synchronize the numbering databases and to coordinate the porting process. 
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Please rejrface the paragraph at page 37, lines 11-26 with the following 
replacement paragraph: 



In one exemplary application of the voice over IP operations, the broadband 
residential gateway 300 digitizes the analog telephony signal using, for example, G.71 1 |i 
law coding (64 Kbps Pulse Code Modulation). The digital samples may then be 
packetized in, for example, the broadband residential gateway 300 into IP packets. The 
broadband residential gateway 300 may be configured to encapsulate the IP packets into, 
for example, DOCSIS (Data Over Cable Service Interface Specifications) fi-ames for 
transmission back to the head-end hub (HEH) 1 1 5 over the hybrid fiber-coaxial plant 
1 12. The hybrid fiber-coaxial plant 112 may then be configured to transport signals for 
both upstream (to head-end hub 303 115 ) and downstream (to the broadband residential 
gateway 300 and customer premise equipment 102) directions. Although the DOCSIS 
protocol is utilized in this example, any fiiture protocol may also be used for the 
digitizing and packeting of data. Where the protocol changes, it may be desirable to 
download new operating code fi"om, for example, IP central station 200 to the individual 
broadband residential gateways 300, to update the communication protocols dynamically. 
When new protocols are adopted, the IP central station may utilize, for example, the 
system management server 216 to download new protocol data into, for example, the 
protocol manager in the call manager 218 and the program store 330 in the broadband 
residential gateway 300. 




Please replace the ABSTRACT with the following replacement ABSTRACT: 

Conununication information transmitted in the broadband communication system 
may be in a packet format and secured using encryption techniques, for example 
encryption software, including a means for providing an initial security key and updated 
security keys to the various pieces of commimication equipment located throughout the 
broadband communication system. When communication equipment, for example a 
gateway, is first registered with, for example, an IP central station, the IP central station 
assigns an initial encryption key to the gateway that is assigned and retained by a server, 
for example a call manager (CM) server, and the gateway (e.g., broadband residential 
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gateway-(BRG)). This initial encryption key may be used to establish a secure two way 
communication between two pieces of communication equipment as an originating point 
communication equipment (OPCE) and a terminating point communication equipment. 
(TPCE), for oxampl o , th o BRG (OPCE) and th e CM (TPCE), th e BRG (OPCE), BRGl, 
and anoth e r BRG (TPCE), BRG2, or th e BRG and a gateway for int e rfacing with anoth e r 
communication system (e.g. VG). Whenever a us e r first activat e s a s e cur e 
communication f e atur e b e for e or during a communication session, th e origination point 
communication equipm e nt ( e .g., BRGl) will not s e nd th e t e rminating ^eint 
communication e quipm e nt ( e .g., BRG2) a pack e t including a privat e k e y which may be 
th e BRG's initial e ncryption k e y. Subs e qu e ntly th e two pi e c e s of communication 
e quipm e nt will e ncrypt and decrypt communication pack e ts to on e anoth e r using the 
privat e k e y. Th e secur e d e ncrypt e d pack e t s may b e part of on e or mor e l e gs in, for 
e xampl e , a conf e r e nc e call, a t e l e conf e r e nc e , or a multim e dia s e ssion. Th e e ncryption 
k e y may b e r e p e at e dly updat e d and chang e d at various tim e int e rvals. Th e r e p e at e d 
updat e s may b e at p e riodic ( e .g., daily) or at random tim e int e rvals. Updat e s of the 
e ncryption k e y may occur wh e n th e s e cur e call f e atur e is activ e or inactiv e . For 
additional s e curity th e syst e m may assign a uniqu e randomly g e n e rat e d e ncryption k e y to 
e ach pack e t during th e communication session and provid e e ach n e w k e y to th e 
conmiunication e quipm e nt ( e .g., BRG) in e ach prior information pack e t transmission. A 
s e cur e call f e atur e may b e activat e d and d e activat e d by th e us e r at anytim e b e for e or 
during (i. e ., r e al tim e activation) an e xisting communication s e ssion. Th e s e cur e call 
f e atur e may b e us e d to s e cur e on e typ e of m e dia using e ncryption whil e not s e curing 
oth e r typ e s of m e dia in a multim e dia communication s e ssion. Alt e rnativ e ly, diff e r e nt 
m e dia typ e s, for e xampl e audio, t e xt, and multim e dia audio and vid e o, may b e s e cur e d at 
diff e r e nt l e v e ls of s e curity using for e xampl e diff e r e nt e ncryption typ e s or algorithms 
( e .g., DBS, PGP, RSA, e tc.). A s e rv e r, for exampl e a call mang e r (CM), may coordinate 
a s e cur e communication b e tw ee n two pi e c e s of communication e quipm e nt by translating 
b e tw ee n two diff e r e nt e ncryption algorithm s in two s e parat e l e gs of a communication 
s e ssion ( e .g., a t e l e phon e call). Alt e mativ e ly, th e s e rv e r may s e nd e ncryption algorithms 
to a pi e c e of communication e quipment so that th e various pi e c e s of communication 
e quipment or e using th e sam e algorithm. Control of th e s e cur e communication may bo 
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transf e rr e d from, for e xampl e an originating gateway to a t e rminating gat e way. In thi s 
cas e th e e ncryption of a s e cur e communication se ssion may b e gin by using th e 
originating gat e way's k e y but th e n start using the t e rminating gat e way's k e y. The on n e t 
communications, for exampl e t e lephon e calls, within th e broadband communication 
syst e m may b e e ncrypt e d but th e on n e t to off not communications for e xampl e t e l e phon e 
calls including PSTN portion, may b e partially e ncrypted. Onc e th e communication 
e nt e rs for e xampl e th e PSTN, it has only that s e curity provid e d by th e traditional wir e lin e 
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